﻿using System.IO;
using System.IO.IsolatedStorage;
using System.Security.Cryptography;
using System.Text;

namespace DepSoft.Mobile.WP7.FollwIt.Framework
{
    public static class Security
    {
        #region Private members
        private static string _credUser = "FollwItCred1.dat";
        private static string _credPassw = "FollwItCred2.dat";
        #endregion

        private static void SaveToFile(byte[] encryptedPasswordData, string fileName)
        {
            IsolatedStorageFile getApplicationFile = IsolatedStorageFile.GetUserStoreForApplication();
            if (getApplicationFile.FileExists(fileName))
                getApplicationFile.DeleteFile(fileName);

            IsolatedStorageFileStream fileAsStream = new IsolatedStorageFileStream(fileName, System.IO.FileMode.Create, FileAccess.Write, getApplicationFile);
            Stream writer = new StreamWriter(fileAsStream).BaseStream;
            writer.Write(encryptedPasswordData, 0, encryptedPasswordData.Length);
            writer.Close();
            fileAsStream.Close();
        }

        private static byte[] ReadFromFile(string fileName)
        {
            IsolatedStorageFile getApplicationFile = IsolatedStorageFile.GetUserStoreForApplication();
            byte[] data = null;

            if (getApplicationFile.FileExists(fileName))
            {
                IsolatedStorageFileStream fileAsStream = new IsolatedStorageFileStream(fileName, System.IO.FileMode.Open, FileAccess.Read, getApplicationFile);
                Stream reader = new StreamReader(fileAsStream).BaseStream;
                data = new byte[reader.Length];
                reader.Read(data, 0, data.Length);
                reader.Close();
                fileAsStream.Close();
            }

            return data;
        }

        public static void StoreHashedCredentials(string userName, string password)
        {
            //Convert Password and Salt values to byte[] arrays
            byte[] userNameByte = Encoding.UTF8.GetBytes(userName);
            byte[] passwordByte = Encoding.UTF8.GetBytes(password);

            //Encrypt Password and Salt byte[] arrays using Protect() method
            byte[] protectedUserNameByte = ProtectedData.Protect(userNameByte, null);
            byte[] protectedPasswordByte = ProtectedData.Protect(passwordByte, null);

            //Save byte[] arrays as two files in Isolated Storage
            SaveToFile(protectedUserNameByte, _credUser);
            SaveToFile(protectedPasswordByte, _credPassw);
        }

        public static void RetrieveHashedCredentials(out string userName, out string password)
        {
            userName = string.Empty;
            password = string.Empty;

            //Read byte[] arrays from files
            byte[] protectedUserNameByte = ReadFromFile(_credUser);
            byte[] protectedPasswordByte = ReadFromFile(_credPassw);

            if (!ReferenceEquals(protectedUserNameByte, null) && !ReferenceEquals(protectedPasswordByte, null))
            {
                //Decrypt Password and Salt byte[] arrays using Unprotect() method
                byte[] userNameByte = ProtectedData.Unprotect(protectedUserNameByte, null);
                byte[] passwordByte = ProtectedData.Unprotect(protectedPasswordByte, null);

                //Convert byte[] arrays to strings and display in the text boxes
                userName = Encoding.UTF8.GetString(userNameByte, 0, userNameByte.Length);
                password = Encoding.UTF8.GetString(passwordByte, 0, passwordByte.Length);
            }
        }
    }
}
